CVE-2018-17173

CRITICAL EXPLOITED IN THE WILD NUCLEI

LG SuperSign CMS - Remote Code Execution via sourceUri Parameter

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2018-17173 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 2 public exploits from researchers including Alejandro Fanjul. A Nuclei detection template is also available.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in LG SuperSign EZ CMS via improper parameter handling in the `getThumbnail` endpoint. It sends a crafted GET request with a reverse shell payload encoded in the `sourceUri` parameter.

Description

LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.

Exploits (2)

exploitdb WORKING POC
by Alejandro Fanjul · rubyremotehardware
https://www.exploit-db.com/exploits/46795

This Metasploit module exploits a command injection vulnerability in LG SuperSign EZ CMS via improper parameter handling in the `getThumbnail` endpoint. It sends a crafted GET request with a reverse shell payload encoded in the `sourceUri` parameter.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: LG SuperSign EZ CMS
No auth needed
Prerequisites: Network access to the target · Netcat installed on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Alejandro Fanjul · pythonwebappshardware
https://www.exploit-db.com/exploits/45448

This exploit targets CVE-2018-17173 in LG SuperSign EZ CMS 2.5, leveraging improper parameter handling to achieve remote code execution via command injection in the `sourceUri` parameter. It spawns a reverse shell to the attacker's specified IP and port.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: LG SuperSign EZ CMS 2.5
No auth needed
Prerequisites: Network access to the target on port 9080 · Attacker-controlled listener for reverse shell
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

LG Supersign EZ CMS - Remote Code Execution
CRITICALby pussycat0x
FOFA: title="LG SuperSign"

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/45448/
Exploit, Technical Description, Third Party Advisory x_refsource_misc
http://mamaquieroserpentester.blogspot.com/2018/09/lg-supersign-rce-to-luna-and-back-to.html
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/46795/

Scores

CVSS v3 9.8
EPSS 0.7903
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2019-06-06
InTheWild.io 2019-12-13
CWE
CWE-94
Status published
Products (1)
lg/supersign_cms 2.5
Published Sep 21, 2018
Tracked Since Feb 18, 2026